
Samsung CVE-2025-57834

EUVD-2025-209251 | HIGH
Improper Input Validation (CWE-20)
2026-04-06 | mitre | GHSA-pwpp-jvrh-rhmv
CVSS 3.1: 7.5

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Apr 06, 2026 - 19:45 (euvd), EUVD-2025-209251
Analysis Generated: Apr 06, 2026 - 19:45 (vuln.today)
CVE Published: Apr 06, 2026 - 00:00 (nvd), HIGH 7.5

Description (NVD)

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem (Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400, and Modem 5410). The absence of proper input validation leads to a Denial of Service.

Analysis (AI)

Denial of Service in Samsung Exynos processors and modems (including 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, and Modems 5123, 5300, 5400, 5410) allows unauthenticated remote attackers to cause complete service disruption via network-based attacks requiring low complexity and no user interaction. The vulnerability stems from improper input validation (CWE-20) affecting mobile, wearable, and baseband modem chipsets used across Samsung's semiconductor product line. No public exploit identified at time of analysis, though the CVSS vector indicates trivial exploitation conditions (AV:N/AC:L/PR:N/UI:N) that could enable network-accessible denial of service attacks against devices containing these chipsets.

Technical Context (AI)

This vulnerability affects Samsung's Exynos system-on-chip (SoC) processors spanning mobile processors (Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680), wearable processors (Exynos 9110, W920, W930, W1000), and cellular baseband modems (Modem 5123, 5300, 5400, 5410). The root cause is classified as CWE-20 (Improper Input Validation), indicating insufficient sanitization or bounds checking of data received from network interfaces. Exynos processors integrate CPU, GPU, ISP, and cellular modem functionality in mobile and wearable devices, making them critical attack surfaces for network-facing services. The improper validation likely occurs in baseband firmware or network protocol handling code that processes untrusted input from cellular networks or other network interfaces, allowing malformed or unexpected data to trigger resource exhaustion, crashes, or infinite loops that result in complete availability loss.

Remediation (AI)

Consult Samsung Semiconductor's official product security updates portal at https://semiconductor.samsung.com/support/quality-support/product-security-updates/ and the CVE-specific advisory at https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-54328/ for patch availability and affected firmware versions. Device manufacturers integrating Exynos chipsets (including Samsung Electronics for Galaxy devices) typically distribute patches through Android security updates or firmware over-the-air (OTA) updates. End users should apply the latest security patches from their device manufacturer when available. Enterprise deployments should monitor Samsung security bulletins and coordinate with device vendors for patch deployment timelines. As a temporary mitigation where patching is not immediately feasible, network-level protections such as anomaly detection on cellular and network interfaces, rate limiting, and intrusion prevention systems may reduce exposure, though these cannot fully address the underlying input validation flaw in chipset firmware.
